OpenBSD: Drop now unneeded file system access for save file
All opening happens before unveil/pledge and the file handle is kept open read/write so it can be used without any pledge. Simpler/less code and less chances to write other files (accidentially).master
parent
cdd4ccf16f
commit
772c9789b7
5
chat.c
5
chat.c
|
@ -283,16 +283,15 @@ int main(int argc, char *argv[]) {
|
||||||
|
|
||||||
#ifdef __OpenBSD__
|
#ifdef __OpenBSD__
|
||||||
if (self.restricted) {
|
if (self.restricted) {
|
||||||
if (save || logEnable) {
|
if (logEnable) {
|
||||||
dataMkdir("");
|
dataMkdir("");
|
||||||
unveilData("");
|
unveilData("");
|
||||||
}
|
}
|
||||||
if (save) unveilData(save);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
char promises[64] = "stdio tty";
|
char promises[64] = "stdio tty";
|
||||||
char *ptr = &promises[strlen(promises)], *end = &promises[sizeof(promises)];
|
char *ptr = &promises[strlen(promises)], *end = &promises[sizeof(promises)];
|
||||||
if (save || logEnable) ptr = seprintf(ptr, end, " wpath cpath");
|
if (logEnable) ptr = seprintf(ptr, end, " wpath cpath");
|
||||||
if (!self.restricted) ptr = seprintf(ptr, end, " proc exec");
|
if (!self.restricted) ptr = seprintf(ptr, end, " proc exec");
|
||||||
|
|
||||||
char *promisesFinal = strdup(promises);
|
char *promisesFinal = strdup(promises);
|
||||||
|
|
Loading…
Reference in New Issue